- Newest
- Most votes
- Most comments
I assume any instance in the same account can access the Dynamo table
No. You must apply IAM role (instance profile) to every particular EC2 instance
You can do it during instance creation or for existing EC2 instance
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
Yes I did that on the instance already but still the same problem. I added it to an already running and active server.
what this command shows ? aws sts get-caller-identity
does your instance have access to the internet ?
using cli it gives : Unable to locate credentials. You can configure credentials by running "aws configure". It has internet.
cat ~/.aws/credentials
Hi,
Did you check via aws sts get-caller-identity
(or equiv in your SDK language) under which id you were executing the dDnamoDB. GIven your error, it's probably not under the identity of the role that you have defined.
So, add aws sts assume-role --role-arn "<arn-of-your-role>"
in your code prior to DDB calls and it should go through.
Best,
Didier
Does that still apply though as I am using the same account EC2 and DynamoDB?
I tried that and it gives, Unable to locate credentials. You can configure credentials by running "aws configure". Is it possible the firewall in aws prevents a response?
Ensure that the subnet in which your instance sits has either internet access (IGW in the route table) or a gateway endpoint for DynamoDB in the route table.
This link has the details on the Gateway Endpoint for Dynamo. https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-ddb.html
Hope this helps!
it has internet access
Relevant content
- asked a year ago
- asked 2 years ago
- AWS OFFICIALUpdated 2 days ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 months ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated a month ago
please accept the answer if it was useful